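# Sign-in / sign-out for the store plus the admin landing page.
#
# Security-relevant behaviour of this controller:
# * A successful login issues a fresh session (reset_session) before the user
#   id is stored, so a session id that existed before authentication is never
#   promoted to an authenticated one (session fixation).
# * Logout discards the whole session instead of only clearing :user_id.
class AdminController < ApplicationController
  layout 'store'

  # Runs before every action to see whether anyone is currently logged in.
  # The filter itself lives in ApplicationController.
  before_filter :find_user

  # GET renders the login form; POST checks the submitted credentials.
  #
  # On success an admin is sent to the page originally requested (or the admin
  # index), any other user is sent to the store front. On failure the user is
  # sent back to the store front with a generic notice.
  def login
    return unless request.post?

    user = User.authenticate(params[:nickName], params[:password])

    unless user
      # One message for both "unknown user" and "wrong password", so the
      # response does not reveal which nicknames exist.
      flash[:notice] = "Invalid user/password combination"
      redirect_to(:controller => "store", :action => "index")
      return
    end

    # Read the return target first: reset_session wipes it with everything else.
    # NOTE(review): assumes :original_uri is written by the application from the
    # request path and never from a request parameter; confirm where it is set.
    uri = session[:original_uri]

    # New session for the authenticated user. This also drops any other
    # pre-login session data; copy across explicitly anything that has to
    # survive the login.
    reset_session
    session[:user_id] = user.id

    if user.isAdmin?
      redirect_to(uri || { :action => "index" })
    else
      redirect_to(:controller => "store", :action => "index")
    end
  end

  # Ends the session and returns to the store front.
  def logout
    # Discard the whole session, not just :user_id, so nothing tied to the
    # logged-in user remains usable afterwards. The flash is set after the
    # reset so the notice is carried by the new session.
    reset_session
    flash[:notice] = "Logged out"
    redirect_to(:controller => "store", :action => "index")
  end

  # Admin landing page: exposes the total number of orders to the view.
  #
  # NOTE(review): nothing in this controller limits this action to admins;
  # login only redirects non-admins elsewhere. Confirm that a filter in
  # ApplicationController enforces user.isAdmin? here.
  def index
    #@user = User.find(session[:user_id])
    @total_orders = Order.count
  end

  # Intentionally empty.
  #
  # NOTE(review): presumably this overrides an `authorize` filter inherited
  # from ApplicationController so that login and logout work without a
  # session; confirm. If so, the override also switches that check off for
  # `index`. Scoping the exemption is safer, e.g.
  # `skip_before_filter :authorize, :only => [:login, :logout]`, and as a
  # public method this is also reachable as an action under default routes.
  def authorize
    #user login and logout possible
  end
end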
